Could you try adding <wsp:PolicyReference> to the <wsdl:binding> element in the WSDL file? And what your callback handler class looks like?
Regards. Xilai -----Original Message----- From: simonlmartin [mailto:[email protected]] Sent: Thursday, April 25, 2013 6:11 AM To: [email protected] Subject: Plain text password ws-policy Hi, I have been trying for a few days to get a WS-POLICY to function in my cxf code. I am using version 2.7.4 of cxf and have attached the policy using an annotation to my java first code. I want to support a username and plain text password and have implemented a validator which subclasses UsernameTokenValidator in order to authorize the user. This code is called and seems to work but I always get an error saying "These policy alternatives can not be satisfied: {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SupportingTokens {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}UsernameToken"; The policy I am using is one which I found in one of the cxf tests and I have pasted it below along with the generated wsdl. I have also pasted my SOAP request that I am using to test and the response I am receiving from cxf. I'd appreciate any help that anyone can give me. Thanks, Simon. ------------------------ws-policy------------------------------ <?xml version="1.0" encoding="UTF-8" ?> <wsp:Policy wsu:Id="policy" xmlns:wsp="http://www.w3.org/ns/ws-policy"; xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> <sp:SupportingTokens> <wsp:Policy> <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";> <wsp:Policy/> </sp:UsernameToken> </wsp:Policy> </sp:SupportingTokens> </wsp:Policy> ------------------------WSDL Generated------------------------ <?xml version="1.0" ?><wsdl:definitions xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns:wsp="http://www.w3.org/ns/ws-policy"; xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"; xmlns:tns="http://test.example.com/semanticServices"; xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"; xmlns:ns1="http://schemas.xmlsoap.org/soap/http"; name="semanticServicesIcdUpdateService" targetNamespace="http://test.example.com/semanticServices";> <wsdl:types> <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns:tns="http://test.example.com/semanticServices"; xmlns:ns0="http://icdupdateservice.ontology"; attributeFormDefault="qualified" elementFormDefault="qualified" targetNamespace="http://test.example.com/semanticServices";> <xsd:import namespace="http://icdupdateservice.ontology";></xsd:import> <xsd:complexType name="ArrayOfString"> <xsd:sequence> <xsd:element maxOccurs="unbounded" minOccurs="0" name="string" nillable="true" type="xsd:string"></xsd:element> </xsd:sequence> </xsd:complexType> <xsd:element name="updateICD" type="tns:updateICD"></xsd:element> <xsd:complexType name="updateICD"> <xsd:sequence> <xsd:element minOccurs="0" name="ICDUpdateServiceRequest" type="ns0:ArrayOfICDUpdateServiceRequest"></xsd:element> </xsd:sequence> </xsd:complexType> <xsd:element name="updateICDResponse" type="tns:updateICDResponse"></xsd:element> <xsd:complexType name="updateICDResponse"> <xsd:sequence> <xsd:element minOccurs="0" name="updateICDResponse" type="ns0:ArrayOfICDUpdateServiceResponse"></xsd:element> </xsd:sequence> </xsd:complexType> </xsd:schema> <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns:tns="http://icdupdateservice.ontology"; xmlns:ns1="http://test.example.com/semanticServices"; xmlns:ns0="http://jastor.rdf.opentest.org"; attributeFormDefault="qualified" elementFormDefault="qualified" targetNamespace="http://icdupdateservice.ontology";> <xsd:import namespace="http://test.example.com/semanticServices";></xsd:import> <xsd:import namespace="http://jastor.rdf.opentest.org";></xsd:import> <xsd:complexType name="ArrayOfICDUpdateServiceRequest"> <xsd:sequence> <xsd:element maxOccurs="unbounded" minOccurs="0" name="ICDUpdateServiceRequest" nillable="true" type="tns:ICDUpdateServiceRequest"></xsd:element> </xsd:sequence> </xsd:complexType> <xsd:complexType name="ICDUpdateServiceResponse"> <xsd:complexContent> <xsd:extension base="ns0:Thing"> <xsd:sequence> <xsd:element minOccurs="0" name="failureMessage" type="xsd:string"></xsd:element> <xsd:element minOccurs="0" name="icdIdentifier" type="xsd:string"></xsd:element> <xsd:element minOccurs="0" name="updateStatus" type="xsd:boolean"></xsd:element> </xsd:sequence> </xsd:extension> </xsd:complexContent> </xsd:complexType> <xsd:complexType name="ICDUpdateServiceRequest"> <xsd:complexContent> <xsd:extension base="ns0:Thing"> <xsd:sequence> <xsd:element minOccurs="0" name="applicationName" type="xsd:string"></xsd:element> <xsd:element minOccurs="0" name="businessObject" type="ns1:ArrayOfString"></xsd:element> <xsd:element minOccurs="0" name="icdIdentifier" type="xsd:string"></xsd:element> <xsd:element minOccurs="0" name="interfacePurpose" type="xsd:string"></xsd:element> <xsd:element minOccurs="0" name="userID" type="xsd:string"></xsd:element> </xsd:sequence> </xsd:extension> </xsd:complexContent> </xsd:complexType> <xsd:complexType name="ArrayOfICDUpdateServiceResponse"> <xsd:sequence> <xsd:element maxOccurs="unbounded" minOccurs="0" name="ICDUpdateServiceResponse" nillable="true" type="tns:ICDUpdateServiceResponse"></xsd:element> </xsd:sequence> </xsd:complexType> </xsd:schema> <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns:tns="http://jastor.rdf.opentest.org"; xmlns:ns0="http://rdf.opentest.org"; attributeFormDefault="qualified" elementFormDefault="qualified" targetNamespace="http://jastor.rdf.opentest.org";> <xsd:import namespace="http://rdf.opentest.org";></xsd:import> <xsd:complexType name="Thing"> <xsd:sequence> <xsd:element minOccurs="0" name="URI" nillable="true" type="xsd:string"></xsd:element> <xsd:element minOccurs="0" name="typeURI" nillable="true" type="ns0:URI"></xsd:element> </xsd:sequence> </xsd:complexType> </xsd:schema> <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns:tns="http://rdf.opentest.org"; attributeFormDefault="qualified" elementFormDefault="qualified" targetNamespace="http://rdf.opentest.org";> <xsd:complexType name="URI"> <xsd:sequence> <xsd:element minOccurs="0" name="localName" nillable="true" type="xsd:string"></xsd:element> <xsd:element minOccurs="0" name="namespace" nillable="true" type="xsd:string"></xsd:element> </xsd:sequence> </xsd:complexType> </xsd:schema> </wsdl:types> <wsdl:message name="updateICDResponse"> <wsdl:part element="tns:updateICDResponse" name="parameters"> </wsdl:part> </wsdl:message> <wsdl:message name="updateICD"> <wsdl:part element="tns:updateICD" name="parameters"> </wsdl:part> </wsdl:message> <wsdl:portType name="IcdUpdate"> <wsdl:operation name="updateICD"> <wsdl:input message="tns:updateICD" name="updateICD"> </wsdl:input> <wsdl:output message="tns:updateICDResponse" name="updateICDResponse"> </wsdl:output> </wsdl:operation> </wsdl:portType> <wsdl:binding name="semanticServicesIcdUpdateServiceSoapBinding" type="tns:IcdUpdate"> <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http";></soap:binding> <wsdl:operation name="updateICD"> <soap:operation soapAction="" style="document"></soap:operation> <wsdl:input name="updateICD"> <soap:body use="literal"></soap:body> </wsdl:input> <wsdl:output name="updateICDResponse"> <soap:body use="literal"></soap:body> </wsdl:output> </wsdl:operation> </wsdl:binding> <wsdl:service name="semanticServicesIcdUpdateService"> <wsdl:port binding="tns:semanticServicesIcdUpdateServiceSoapBinding" name="IcdUpdatePort"> <soap:address location="http://127.0.0.1/ws-soap/ICDUpdateService/ICDUpdateService";></soap:address> </wsdl:port> <wsp:PolicyReference URI="#policy"></wsp:PolicyReference> <wsp:PolicyReference URI="#policy"></wsp:PolicyReference> </wsdl:service> <wsp:Policy xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; xmlns:wsp="http://www.w3.org/ns/ws-policy"; xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"; wsu:Id="policy"> <sp:SupportingTokens> <wsp:Policy> <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";> <wsp:Policy></wsp:Policy> </sp:UsernameToken> </wsp:Policy> </sp:SupportingTokens> </wsp:Policy> </wsdl:definitions> ----------------------SOAP request------------------------------------- <soapenv:Envelope xmlns:icd="http://icdupdateservice.ontology"; xmlns:jas="http://jastor.rdf.opentest.org"; xmlns:rdf="http://rdf.opentest.org"; xmlns:sem="http://test.example.com/semanticServices"; xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";> <soapenv:Header><wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";><wsse:UsernameToken wsu:Id="UsernameToken-1"><wsse:Username>sysadmin</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>123</wsse:Password><wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";>StjeeU9EtncKrAnc3wsXxA==</wsse:Nonce><wsu:Created>2013-04-24T21:50:40.770Z</wsu:Created></wsse:UsernameToken></wsse:Security></soapenv:Header> <soapenv:Body> <sem:updateICD> <sem:ICDUpdateServiceRequest> <icd:ICDUpdateServiceRequest> <icd:applicationName>test</icd:applicationName> <icd:businessObject> <sem:string>test bo</sem:string> </icd:businessObject> <icd:icdIdentifier>http://test.example.com/CCS/HumanActor/d47767f4-26b6-4b7b-9f1e-a83303e2157f</icd:icdIdentifier> <icd:interfacePurpose>aie</icd:interfacePurpose> <icd:userID>lee</icd:userID> </icd:ICDUpdateServiceRequest> </sem:ICDUpdateServiceRequest> </sem:updateICD> </soapenv:Body> </soapenv:Envelope> --------------------------------SOAP response-------------------------------------------- <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";> <soap:Body> <soap:Fault> <faultcode>soap:Server</faultcode> <faultstring>These policy alternatives can not be satisfied: {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SupportingTokens {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}UsernameToken</faultstring> </soap:Fault> </soap:Body> </soap:Envelope> -- View this message in context: http://cxf.547215.n5.nabble.com/Plain-text-password-ws-policy-tp5726729.html Sent from the cxf-user mailing list archive at Nabble.com.
